How do I protect the privacy of my site's shared encryption key?

The shared encryption key (SEK) is used by Ocean to encrypt a patient's personal health information (PHI) prior to leaving the circle of care. Beyond the standard strong security precautions implemented by Ocean, the privacy of the shared encryption key effectively prevents third parties (including OceanMD) from eavesdropping on patient information. Without the shared encryption key, the patient's data cannot be decrypted and consequently cannot be viewed.

As a result (in the spirit of PIPEDA and our privacy policy), it is important for health information custodians (HICs) to take precautions to ensure the shared encryption key and its associated password remain private.

These precautions sometimes make it more difficult for clinicians to locate the shared encryption key when it is needed for legitimate clinical purposes. Losing the shared encryption key entirely is a very unfortunate situation, because it prevents health service providers from viewing potentially important clinical information about patients in Ocean. For tips on recovering your site's shared encryption key, please refer to: "Recovering a Lost / Forgotten Shared Encryption Key".

General Precautions for Protecting the Shared Encryption Key

Ocean provides some automated mechanisms to protect the privacy of the shared encryption key:

  • Ocean does not send the SEK across the network for any reason except when configuring your Ocean site and Cloud Connect. The SEK is protected from access by OceanMD staff by a number of controls.
  • All requested viewings of the SEK in the Ocean Portal are logged.
  • The SEK cannot be viewed in an electronic medical record without prior authorization as a clinical administrator.
    • e.g. in PS Suite, the user is prompted to enter their Ocean username and password and is subsequently validated as an Ocean site administrator prior to the key's presentation

Best Practices for Clinical Administrators

  • Follow standard "strong password" security guidelines when choosing a shared encryption key.
  • Keep the "hint" for your shared encryption key sufficiently vague that a hacker could not easily use it to guess the key, find the key's physical location, or obtain it through social engineering.
  • Do not write down the shared encryption key in a public location.
  • Do not choose a hint that is merely a shortened or transformed version of the actual shared encryption key (e.g. using "P@ssw0rd" as the hint for the key "password").
  • Do not enter the shared encryption key in browsers on publicly accessible terminals.
  • Do not email the shared encryption key.
  • Do not store the shared encryption key on an external drive or cloud server without appropriate privacy and security protocols to restrict access.
  • If you print the shared encryption key, keep a known, limited number of copies of the printout and store them in a secure, locked location.
  • Do not re-use a personal password for the key.
  • Do not re-use a clinic-wide password for the key.
  • Do not re-use a shared encryption key that has been used by any other clinic.
  • Change the key if it has been publicly disclosed or compromised by an untrusted individual.
  • Consider using a trusted secure password manager such as 1Password to store the shared encryption key.
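Several of the rules above (a strong key, a hint that is not a shortened or leetspeak-transformed copy of the key, and no re-use of an existing clinic or personal password) can be checked mechanically before a new key is set. The Python below is an added example written for this article; it is not part of Ocean's software or the Ocean Portal. The leetspeak substitution table, the 14-character and 60-bit thresholds, and the sample keys and hints are assumptions chosen for illustration.

```python
import math
import re

# Constructed leetspeak substitution table: an assumption about the
# character swaps a hint writer is most likely to use ("P@ssw0rd").
_LEET = str.maketrans({
    "@": "a", "4": "a", "3": "e", "1": "i", "!": "i",
    "0": "o", "$": "s", "5": "s", "7": "t", "+": "t",
})


def normalize(text: str) -> str:
    """Lower-case, undo common leetspeak swaps and drop everything that is
    not a letter or digit, so "P@ssw0rd" and "password" compare equal."""
    return re.sub(r"[^a-z0-9]", "", text.lower().translate(_LEET))


def longest_common_substring(a: str, b: str) -> int:
    """Length of the longest run of characters shared by a and b (simple DP)."""
    best = 0
    prev = [0] * (len(b) + 1)
    for ca in a:
        cur = [0] * (len(b) + 1)
        for j, cb in enumerate(b, 1):
            if ca == cb:
                cur[j] = prev[j - 1] + 1
                best = max(best, cur[j])
        prev = cur
    return best


def estimate_entropy_bits(key: str) -> float:
    """Crude strength estimate: length * log2(size of the character pool used).
    It overestimates dictionary words, so treat it as a floor check only."""
    pool = 0
    if re.search(r"[a-z]", key):
        pool += 26
    if re.search(r"[A-Z]", key):
        pool += 26
    if re.search(r"[0-9]", key):
        pool += 10
    if re.search(r"[^A-Za-z0-9]", key):
        pool += 33
    return len(key) * math.log2(pool) if pool else 0.0


def hint_leaks_key(key: str, hint: str, min_run: int = 4) -> bool:
    """True when the hint is a shortened or transformed copy of the key:
    the whole normalized hint sits inside the key, the key sits inside the
    hint, or the two share a run of min_run or more characters."""
    k, h = normalize(key), normalize(hint)
    if len(h) < 3:
        return False
    if h in k or k in h:
        return True
    return longest_common_substring(k, h) >= min_run


def check_key_and_hint(key, hint, reused_secrets=(), min_length=14, min_bits=60):
    """Apply the checklist and return the problems found (empty list = passes).
    reused_secrets holds existing personal or clinic-wide passwords the key
    must not repeat (compared after normalization)."""
    problems = []
    if len(key) < min_length:
        problems.append("too-short")
    if estimate_entropy_bits(key) < min_bits:
        problems.append("low-entropy")
    if hint_leaks_key(key, hint):
        problems.append("hint-leaks-key")
    nk = normalize(key)
    if any(normalize(s) == nk for s in reused_secrets):
        problems.append("reused-password")
    return problems


if __name__ == "__main__":
    # Constructed sample keys and hints (assumptions, for demonstration only).
    samples = [
        ("password", "P@ssw0rd", ()),
        ("Tr0ub4dor&3", "troubadour", ()),
        ("correct-horse-battery-staple", "four words from the comic", ()),
        ("password", "something vague", ("P@ssw0rd",)),
    ]
    for key, hint, reused in samples:
        print(f"{key!r} / hint {hint!r}: {check_key_and_hint(key, hint, reused) or 'ok'}")
```

The normalization step is what makes the "P@ssw0rd" rule enforceable: a literal comparison would never match a hint to its key, but once both are lower-cased and the common character swaps are undone, a hint that is a copy, a prefix or a leetspeak variant of the key shares a long run with it. The entropy figure is deliberately a floor check only; a 28-character passphrase passes it, while an 8-character dictionary word fails on both length and entropy.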